BPR4GDPR – Business Process Re-engineering and functional toolkit for GDPR compliance

01/05/2018 to 30/04/2021


The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

The BPR4GDPR project has received funding from the European Union’s Horizon 2020 innovation programme under grant agreement No.787149 (Innovation Action) and coordinated by CAS SOFTWARE AG.

The goal of BPR4GDPR (Business Process Re-engineering and functional toolkit for GDPR compliance) is to provide a holistic framework able to support end-to-end GDPR-compliant intra- and interorganisational ICT-enabled processes at various scales, while also being generic enough, fulfilling operational requirements covering diverse application domains.

The proposed solutions in BPR4GDPR will have a strong semantic foundation and cover the full process lifecycle addressing major challenges and priorities posed by the regulation, including requirements interpretation, broad territorial scope, accountability, security means enforcement, data subject’s rights and consent, unified data view and processing actions inventory, privacy by design, etc.

Who is the project designed for?

Public Sector Organizations, IT SMEs, Researchers, Security Software Industry, End User Organizations, Cyber insurance companies, Policy & Regulators, Academia, ICT Sectors.

How will your project benefit the end-user?

BPR4GDPR adopts a holistic approach for GDPR compliance, addressing the requirements during different operational phases. In this context, BPR4GDPR will facilitate the enforcement of appropriate organisational and technical measures required for data protection, by automating several aspects of “compliance engineering”. To this end, it will be based on a number of enabling pillars:

  • Comprehensive security and data protection policies,
  • Incorporation of policies into process models,
  • Automatic process models re-engineering in terms of compliance-aware verification and transformation,
  • Tools for facilitating run-time compliance enforcement,
  • Process mining for the identification of compliance discrepancies and discovery of organisational procedures.
Thursday, 10 January, 2019

Project type:


POSEIDON: Protection and control of Secured Information by means of a privacy-enhanced Dashboard

Poseidon is one of the General Data Protection Regulation (GDPR) Cluster projects that aims to develop an innovative Privacy Enhancing Dashboard for personal data protection supporting the digital security pillars of the new EU’s GDPR.

Future Events

Cluj Innovation Days
24/05/2019 to 25/05/2019

Digital transformation is the new buzz concept, threatening the until recently undisputed reign of “Innovation”. Lately, the two have become synonyms or, in many cases, they condition each other in a very fuzzy relationship: you cannot have innovation without at least some degree of digitalization, but digital transformation is a consequence of being innovative.Amidst all this tumult and debate, the process is already transforming our professional and personal environments. Various sectors are on the blink of radical transformation, while others will disappear altogether.

Brussels - Second CW Concertation Meeting, 04/06/2019

Join us at the second Cyberwatching.eu Concertation meeting, 04 June 2019!